BitCrypt is latest encryption malware
Posted by: Timothy Weaver on 03/25/2014 11:12 AM
[
Comments
]
BitCrypt is the latest malware that encrypts your files, but this variant first steals your bitcoin wallets.
Once installed on a system, Bitcrypt locks you out of your files such as documents and pictures to archives, application development and database files.
according to antivirus vendor Trend Micro, the new version appends a .bitcrypt2 extension to encrypted files and can display its ransom note in 10 different languages: English, French, German, Russian, Italian, Spanish, Portuguese, Japanese, Chinese and Arabic.
Once infected, the desktop turns to a picture that reads “Your computer was infected by BitCrypt v2.0 cryptovirus” and points the victim to a file called Bitcrypt.txt for additional instructions. It asks for a payment of 0.4 bitcoins—around US$230 at current exchange rates—in order to obtain the decryption tool.
This new variant is being distributed by a Trojan program called FAREIT. FAREIT searches and attempts to extract information from wallet.dat (Bitcoin), electrum.dat (Electrum) and .wallet (MultiBit) files.
The only way to be safe from this malware is to do regular backups, not on the same computer or a shared network drive.
Once installed on a system, Bitcrypt locks you out of your files such as documents and pictures to archives, application development and database files.
according to antivirus vendor Trend Micro, the new version appends a .bitcrypt2 extension to encrypted files and can display its ransom note in 10 different languages: English, French, German, Russian, Italian, Spanish, Portuguese, Japanese, Chinese and Arabic.
Once infected, the desktop turns to a picture that reads “Your computer was infected by BitCrypt v2.0 cryptovirus” and points the victim to a file called Bitcrypt.txt for additional instructions. It asks for a payment of 0.4 bitcoins—around US$230 at current exchange rates—in order to obtain the decryption tool.
This new variant is being distributed by a Trojan program called FAREIT. FAREIT searches and attempts to extract information from wallet.dat (Bitcoin), electrum.dat (Electrum) and .wallet (MultiBit) files.
The only way to be safe from this malware is to do regular backups, not on the same computer or a shared network drive.
Comments
